package com.zh.authresource.controller;

import com.zh.authresource.common.ApiResult;
import com.zh.authresource.converter.jwt.JwtService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

import static com.zh.authresource.common.ApiResult.success;

/**
 * 受保护的资源
 */
@Slf4j
@RestController
public class ProtectedController {

    /**
     * 受保护的资源
     *
     * @param jwt
     * @return
     */
    @GetMapping("/messages")
    @PreAuthorize("hasAuthority('ADMIN')")
    public ApiResult getMessages(@AuthenticationPrincipal Jwt jwt) {
        String username = JwtService.getUsername(jwt);
        System.out.println("login success ：username = " + username);
        return success("hello admin, " + username);
    }

    /**
     * 受保护的资源
     *
     * @param sign
     * @return
     */
    @GetMapping("/category")
    public ApiResult<List<?>> categoryList(String sign) {
        log.info("call categoryList() ... sign = {}", sign);

        var xyj = new Category("西游类", "师徒四人西天取经");
        var sgyy = new Category("三国类", "三国之间的纷乱故事");
        var shz = new Category("水浒类", "一群好汉的江湖事迹");
        var hlm = new Category("红楼梦类", "晚清家族内部琐事");

        return success(List.of(xyj, sgyy, shz, hlm));
    }

}
